Last Updated: April 27, 2023
Masimo Corp. and its affiliates and subsidiaries (“Masimo,” “we,” “us,” “our”), provides this Privacy Notice in connection with the Masimo Halo™ mobile App and the Opioid Halo™ device (the “Privacy Notice”) to explain how we collect, use, disclose and otherwise process the personal data of the users (“you,” and “your”) of Masimo Halo™ mobile application (“Halo App ” or the “App”) and rights you may have under applicable privacy laws related to your personal data.
For information about the privacy choices you have regarding your personal data, please refer to the Section 7 “Your Rights”, as well as the Section 11 “Additional Information for Certain Jurisdictions” below, which includes additional information about privacy rights applicable to residents of specific jurisdictions.
If you are a resident of California, please also refer to our California Privacy Notice for additional information about the categories of personal data we collect and your rights under California law.
1. What Personal Data Do We Collect?
As further described below, we collect personal data directly from you, automatically from your use of the Halo App, and from third parties whose personal information you share in the App.
You are under no obligation to provide us with the requested personal information. However, if you do not provide the requested information, you will not be able to use the Halo App.
The categories of personal data we collect through your use of the Halo App include the following categories and types of personal data:
2. From What Sources Do We Collect Personal Data?
We may collect your personaldata from (i) you directly, (ii) Masimo devices that you connect with the Halo App, and (iii) automatically when you access, install, navigate through, interact with, or otherwise use the Halo App.
3. What Are the Legal Bases for Processing Your Personal Data?
Opioid Halo™ is available and used globally. Most data protection laws require that we inform you of the legal bases for processing your personal data, which laws may vary depending on the country or state of residence. Pursuant to such applicable data protection laws, we process your personal data generally on the legal bases set forth below:
4. For What Purposes Do We Process Your Personal Data?
In general, we collect, use, disclose, and otherwise process your personal data listed above as necessary to:
5. To Whom Do We Disclose Personal Data?
We may disclose the personal data that we collect for the purposes described above to the following:
In the event of a business transfer, whether as part of a bankruptcy or insolvency proceeding or otherwise, we or our affiliates may transfer the personal data we have collected from or about you to the acquiring or surviving entity in accordance with applicable law, and we may also share certain personal data as necessary prior to the completion of such a transfer, such as to lenders, auditors, and third-party advisors.
6. How Long Do We Retain Personal Data?
In general, we store personal data as long as is necessary to provide you with the functionality of the Halo App and services that you requested unless we are required or permitted by law to retain the personal data for a longer period of time. For example, if we need to keep your information, including personal data, for tax, audit, or other legal compliance for a legally prescribed time period thereafter, or if we need it to preserve evidence within the statutes of limitation, we will retain your personal data for such purposes.
7. Your Rights
We make available several ways you can manage your privacy choices and submit privacy requests related to your personal data. These include:
For additional information on how Masimo processes personal data outside the context of the Halo App, please see our General Privacy Notice.
8. Contact Us
If you have any privacy-related inquiries or questions regarding this Privacy Notice, please contact our privacy department at email@example.com. To exercise any rights you may have under this Privacy Notice, please submit a request using our online form available here.
9. Changes to this Privacy Notice
This Privacy Notice is updated as of the Last Updated date set forth above and supplements any other notices that apply in relation to the collection, use and disclosure of your personal data by us. We may revise this Privacy Notice from time to time and will make the revised document available here and through the Halo App.
10. Additional Information:
For general information about how Masimo processes personal data, please see Masimo’s California Privacy Notice.
11. ADDITIONAL INFORMATION FOR CERTAIN JURISDICTIONS
In this Section, we supplement this Privacy Notice by providing: (i) additional information related to rights you may have under applicable privacy laws in the jurisdiction you reside; and (ii) applicable disclosures required by the privacy laws of these jurisdictions.
A. IF YOU RESIDE IN CALIFORNIA
If you are a California resident, please see our California Privacy Notice.
B. IF YOU ARE IN THE EUROPEAN ECONOMIC AREA (EEA), THE UNITED KINGDOM (UK), AND SWITZERLAND
Data Controller. For purposes of this Privacy Notice, Masimo Österreich GmbH, Mariahilfer Straße 136, 1150 Wien, Austria is the controller of your personal data.
DPO Information. Our data protection officer is Dr. Sebastian Kraska and you can contact him at firstname.lastname@example.org You can also contact our privacy office at email@example.com. Masimo’s UK GDPR representative is Masimo Europe Limited, Matrix House, Basing View, Basingstoke - Hampshire RG21 4DZ.
Legal Bases of Processing. To the extent we collect health data, the legal basis of processing is your express consent You have the right to withdraw your consent at any time. Such withdrawal does not affect the lawfulness of processing based on your consent before your withdrawal. However, after such withdrawal, we will no longer be able to provide you with the full scope of the Halo App services. In extenuating circumstances, such as where the processing is necessary to protect the data subject’s vital interests or to establish, exercise and defend legal claims, the legal basis of processing your health data may be another legal basis set forth under applicable law. Please see Section 3 “What Are the Legal Bases for Processing Your Personal Data” above for the list of legal basis that we currently rely on for the processing of your personal data.
In the EEA, the UK and Switzerland you have the following additional rights, subject to the conditions and limitations under the GDPR or other applicable local data privacy and protection laws:
In certain jurisdictions such as France and Portugal, you also have the right to provide Masimo with guidelines as to the processing of your personal data after your death.
You may view a list of supervisory authorities in the European Union and their respective contact information here: https://edpb.europa.eu/about-edpb/board/members_en. You may view the UK supervisory authority's contact information here: https://ico.org.uk/global/contact-us/. You may view the Swiss Federal Data Protection and Information Commissioner's contact information here: https://www.edoeb.admin.ch/edoeb/en/home.html.
Contact Us. You can exercise your rights by contacting us by email at firstname.lastname@example.org or by submitting an online form available here. Please see Section 8 above for more information.
Cross-Border Data Transfers:
Masimo, its subsidiaries, affiliates and service providers may transfer your personal data to, or access it in, jurisdictions (including the United States and other jurisdictions where we, our affiliates, subsidiaries, and service providers have operations) that do not include equivalent levels of data protection as your home jurisdiction. In such cases, we will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms, data transfer agreements and/or other legally acceptable mechanisms, including your express consent, according to applicable local laws.
If you are in the European Economic Area, the United Kingdom, or Switzerland and we process your personal data in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal data, such as by putting in place Standard Contractual Clauses as approved by the European Commission (the form for the standard contractual clauses can be found at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). To obtain additional details of the mechanism under which your personal data is transferred outside of the EEA or UK, you may request such details by contacting us at the contact details listed above.
C. IF YOU ARE IN CANADA
If your personal information (as this term is defined under applicable Canadian federal and provincial law) was collected in Canada, it will be handled in accordance with the main body of this Privacy Notice and applicable Canadian federal and substantially similar provincial privacy legislation. Please note the following additional aspects about how we handle your personal data:
Data Transfers Outside Canada/Quebec:
In order to provide you with our services, your personal data may be transferred to our affiliates, subsidiaries, or third-party service providers outside of Canada/Quebec, including to the United States. While located in those jurisdictions, your information will be subject to local law, including potential access by local law enforcement, which may be less protective of your personal information than under Canadian or European data protection law. As stated above, Masimo will ensure your personal information is transferred in accordance with applicable law and protected as described in this Privacy Notice.
We will collect, use, or disclose your personal information when we have your consent, which may be express or implied depending on the circumstances, or as otherwise required or permitted by applicable law. You have the right to withdraw your consent, subject to legal and contractual restrictions. Should you withdraw your consent, we may not be able to provide all available Services to you.
For rights including those relating to access, correction, and erasure, please see Section 7 “Your Rights” above. You may also contact our Data Privacy Office should you have any questions or concerns about the handling of your personal information by using the methods set forth in Section 8 “Contact Us” above. We strive to address all such requests in a timely manner.
If you are located in the province of Quebec, we must reply to your request for access or rectification promptly and no later than 30 days after your request is received. If you are not satisfied with our response or you wish to file a formal complaint, you may always contact the Office of the Privacy Commissioner of Canada at 1-800-282-1376 (toll-free) or via regular mail: Office of the Privacy Commissioner of Canada, 30 Victoria Street, Gatineau, QC K1A 1H3. You may also contact the Office of the Privacy Commissioner in the provinces of British Columbia and Alberta or the Commission d’accàs à l’information in the province of Quebec, as applicable.
For general information about how Masimo processes personal data, please see Masimo’s General Privacy Notice.